On 07 Jul 2020, at 08:06, Tony Finch <d...@dotat.at> wrote:
Excellent post, and a nice summary of some best practices.
I have a couple of questions.
> Response rate limiting is very effective. Start off by putting the
> following in your options{} section, and look in the BIND ARM for other
> directives you can put in the rate-limit{} section.
>
> rate-limit { responses-per-second 10; };
Does that apply to local queries as well (for example, a mail server may easily
make a whole lot of queries to 127.0.0.1, and rate limiting it would at the
very least affect logging and could delay mail if the MTA cannot verify DNS.
Do these setting also need to be applied to the secondary servers?
--
What's another word for Thesaurus?
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
